Business Risk and Control Officer - C13 - TAMPA
3800 CITIGROUP CENTER DRIVE BUILDING F TAMPA
Applications have closed
Citi
Citi is a leading global bank for institutions with cross-border needs, a global provider in wealth management and a U.S. personal bank.The Business Risk and Control Officer is a strategic professional who stays abreast of developments within own field and contributes to directional strategy by considering their application in own job and the business. Recognized technical authority for an area within the business. Requires basic commercial awareness. There are typically multiple people within the business that provide the same level of subject matter expertise. Developed communication and diplomacy skills are required in order to guide, influence and convince others, in particular colleagues in other areas and occasional external customers. Significant impact on the area through complex deliverables. Provides advice and counsel related to the technology or operations of the business. Work impacts an entire area, which eventually affects the overall performance and effectiveness of the sub-function/job family
Responsibilities:
- Help contribute to governance and the facilitation of the execution of the Manager Control Assessment (MCA, i.e. Risk & Control Self-Assessment) as required by the MCA Standard including the assessment and appropriate approval of risk associated with business changes.
- Support teams in the quality, completeness, and accuracy of the implementation of the Control Framework, including Risk Control Policy, Control Standard, Issue Management Policy, Lesson Learned Policy and Control Inventory.
- Assist in performing a detailed analysis on the identification of issue root cause, partnering with control and process owners to recommendations holistic corrective actions and improvements, provide check and challenge to ensure appropriate escalation in according with Issue Management and Escalation Policies.
- Help contribute to the Lessons Learned Policy, including monitoring of control breaches and dissemination and learnings across other business units for process improvement to limit the occurrence of similar future events and where similar risk exposure might exist.
- Support the review and challenge process, within the FLUs, on the effective design and management of controls to mitigate risks as required by the Control Standards, including implementation and operation, conducting the control monitoring, handling deficiencies, and escalating issues for resolution.
- Help contribute to the timeliness, accuracy and completeness of the MCA through controls prior to the execution of a process (QC).
- Assist in the monitoring of the adherence to the MCA Standard through controls after the execution of a process (QA).
- Support in dealing with Operational and Compliance Risk in accordance with established Policy requirements.
- Assist in performing a detailed analysis to identify, assess, escalate, and manage risk exposures across Risk Categories (Operational Compliance, Strategic, Reputational, etc), including material, emerging and concentration risks in accordance with enterprise Policies and the establishment of Key Indicators to monitor risk exposures.
- Assist in supporting Risk Appetite and monitor / assess exposures against this in accordance with enterprise requirements (if applicable).
- Be part of the process to identify, assess, record and response to Operational and Compliance Risk events, ensuring these are captured accurately, timely and in accordance with requirements.
- Help ensure that adequate governance and training are in place to support management of Risk profiles.
- Contribute to the risks associated with New Activities and changes to the Business, ensuring these are well understood and adequately controlled (if applicable).
- Support operational risk scenario analysis and stress testing for Operational Risk Capital requirements.
- Support with risk and control assessments or coordination for programs within various risk stripes and ensure sufficient subject matter expertise exists to enable management of these risks within the Business (e.g. third party, fraud, sanctions etc) (if applicable).
- Coordinate risk and control responsibilities and ensure accountabilities are embedded within FLUs, including providing training and leading by example.
- Support with standards and procedures that conform to enterprise requirements and support sound operational and compliance risk management.
- Apply knowledge of the business, products or services to identify and implement control points and processes throughout the business.
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behaviour, conduct and business practices, and escalating, managing and reporting control issues with transparency.
Qualifications:
- 6-10 years of experience.
- MS Excel, MS Access, SAS, SQL, Visual Basic a plus. 5+ years’ experience in financial services.
- Consistently demonstrates clear and concise written and verbal communication skills
- Effective organizational influencing skills required.
- Third party vendor management preferred. Demonstrated ability to lead global team efforts
- Excellent problem-solving skills Ability to comprehend the big pictures with high attention to critical details
- Demonstrated ability to develop and implement strategy and process improvement initiatives.
Education:
- Bachelor's/University degree, Master's degree preferred.
Job Summary
The CSIS Information Risk Program Manager is accountable for providing the CSIS organization with leadership, consultancy, and program oversight to deliver a standard and consistent approach to programs operations across all units and geographies, ensuring a robust risk and control infrastructure while delivering effective and efficient services to our functional areas and business partners.
The CSIS Information Risk manager reports directly to the CSIS Global Head of Information Risk Management and responsibilities include managing Information security, Electronic Communications and Data Privacy programs and engages with other managers across Citi (Information Security, Records Management, Data Privacy, CTI, Legal, Operational Risk Management and other global functions professionals). Engagement requires involvement to ensure proper corporate programs execution and compliance levels. As part of this role, it is required to execute functional strategies for a large/complex country, cluster of countries, or business requiring coordination and integration across units. The position requires a broad and comprehensive understanding of the different policies, systems, theories, and practices relevant to the Information Risk Management programs. The position requires a thorough understanding of the strategic direction of Citi and CSIS to effectively collaborate with other programs staff to contribute and supply insights that enhance the business strategy. This position also requires a thorough understanding of industry knowledge, trends and best practices that can be applied to the function and programs.
Responsibilities:
- Help contribute to governance and the facilitation of the execution of the CSIS Information Risk Management programs.
- Provide support to reach the needed quality, completeness, and accuracy of the implementation of the Information Risk Management programs.
- Provide guidance and assistance on the identification, assessment, management, and mitigation of current and emerging (inherent and residual) risk exposures associated with CSIS Information Risk Management activities and operations.
- Coordinate with CSIS functional programs representatives to perform a detailed analysis on issue root cause, generate controls recommendations, holistic corrective actions, and improvements. Provide check and challenge to ensure appropriate escalation in according with Issue Management and Escalation Policies.
- Support compliance with applicable Information Risk Management laws, rules, and regulations, adhering to Policy, applying sound ethical judgment, conducting business practices, escalating, managing remediation and reporting control issues with transparency.
- Consult with corporate partners such as the Information Security Office (CSIS GISO, BISO), Data Privacy Office, Operational Risk Management Office, CSIS Data Governance Officer, to ensure proper adoption of policy mandates and compliance levels.
- Provide support and consultancy to all CSIS programs employees on any matters within the information risk management scope.
- Assist on the creation of methodologies, procedures, and governance of the overall CSIS Information Risk Management programs to properly guide our employees on the implementation of the associated policies.
- Aid in the design and implementation of Information Risk Management indicators related to Key Operative Risks (KOR), Key Risk Indicators (KRIs) in alignment with Citi’s top risks taxonomies and appetite.
Qualifications:
- 6-10 years of experience
- Demonstrated ability to apply knowledge of regulatory/compliance risk and other applicable US and international regulations, particularly as they relate to Information Risk Management.
- Demonstrated understanding of cybersecurity risk, mitigation, and solutions to resolve threats using industry leading technical controls and tools.
- Demonstrated understanding of technologies, their purpose, security requirements and data protection needs.
- Project Management and organizational skills.
- Ability to manage confidential information.
- Effective organizational influencing skills across cultures.
- Proven ability to work in high-pressure, challenging environment with a strong sense of urgency.
- Strong problem-solving skills and ability to understand the big picture with attention to detail.
- Consistently demonstrate clear and concise written and verbal communication skills
- Education:
- Bachelor's degree/University degree
- Master's degree preferred.
- CISSP, CISM, CRISC, CISA preferred.
------------------------------------------------------
Job Family Group:
Risk Management------------------------------------------------------
Job Family:
Business Risk & Control------------------------------------------------------
Time Type:
Full time------------------------------------------------------
Primary Location:
Tampa Florida United States------------------------------------------------------
Primary Location Full Time Salary Range:
$103,920.00 - $155,880.00
In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
------------------------------------------------------
Anticipated Posting Close Date:
Oct 18, 2024------------------------------------------------------
Citi is an equal opportunity and affirmative action employer.
Qualified applicants will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Citigroup Inc. and its subsidiaries ("Citi”) invite all qualified interested applicants to apply for career opportunities. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.
View the "EEO is the Law" poster. View the EEO is the Law Supplement.
View the EEO Policy Statement.
View the Pay Transparency Posting
Tags: BISO CISA CISM CISSP Compliance CRISC GISO Governance Monitoring Privacy Risk management SQL Strategy Vendor management
Perks/benefits: Career development Competitive pay Health care Insurance Medical leave Team events Transparency Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.